VYPR

Sqlfluff

by Fluffington

pypi: sqlfluff

CVEs (3)

  • CVE-2026-46374 · High · Jun 9, 2026
    risk 0.42 · cvss 7.5 · epss 0.00

    SQLFluff is a modular SQL linter and auto-formatter with support for multiple dialects and templated code. Prior to version 4.2.0, in deployments where untrusted users can provide SQL queries to be linted, an untrusted user can submit a malicious long query to any application…

  • CVE-2026-46373 · High · Jun 9, 2026
    risk 0.42 · cvss 7.5 · epss 0.00

    SQLFluff is a modular SQL linter and auto-formatter with support for multiple dialects and templated code. Prior to version 4.1.0, in deployments where untrusted users can provide SQL queries to be linted, an untrusted user can submit a malicious query with deliberate excessive…

  • CVE-2023-36830 · Jul 6, 2023
    risk 0.00 · cvss · epss 0.00

    SQLFluff is a SQL linter. Prior to version 2.1.2, in environments where untrusted users have access to the config files, there is a potential security vulnerability where those users could use the `library_path` config value to allow arbitrary Python code to be executed via…